Currently getProgramInfoLog() in GraphicsContext3DOpenGL.cpp assumes that operator new[]
and fastMalloc() are equivalent when it adopts a fastMalloc() allocated buffer. Notice,
OwnArrayPtr ultimately calls delete[] on destruction. When GLOBAL_FASTMALLOC_NEW is disabled,
it isn't true that operator new[], operator delete[] are equivalent to fastMalloc(), fastFree(),
respectively. Hence, there may be a mismatch between the allocation and deallocation
routines. Therefore, we should allocate the array to be adopted by OwnArrayPtr using
operator new[].

Set the XDG_CACHE_HOME environment variable when testing with
WebKitTestRunner. This way the testing is started with a non-existing
application cache. If the cache exists and is not empty, the emptying
and vacuuming that is performed before every test can consume a lot of
time.

This is just a temporary workaround until it becomes possible to set
a desired directory to be used as the application cache location through
WebKitWebContext.

The crash was caused by DynamicSubtreeNodeList::SubtreeCaches::domVersionIsConsistent
using m_cachedItem as a way to access the document. Changed SubtreeCaches to use
DynamicSubtreeNodeList's m_node instead.

Previously, we had to carefully check every object tree hanging off of
DOMWindow to make sure that every property correctly disconnected
itself and all its subobjects from the Frame when the DOMWindow
disconnected from the Frame.

This patch introduces DOMWindowProperty, which is a base class that
handles this work automagically, ensuring that we won't have any
dangling Frame pointers and removing a bunch of boilerplate code.

WebKit2 printing works by having the web process render the page content to a PDF. The PDF
data is then shipped to the UI process which will render it in to the printing graphics context.
Links were being lost because the API used to do the rendering of the PDF in to the printing
graphics context, CGContextDrawPDFPage, did not preserve the links that were present in the
PDF content received from the web process.

To fix this we switch to using PDFKit for drawing the PDF in to the printing graphics context.
PDFKit provides the ability for us to iterate over the links in the PDF content ourselves and
add links in to the printing graphics context.

Reviewed by Alexey Proskuryakov.

UIProcess/API/mac/WKPrintingView.h:

UIProcess/API/mac/WKPrintingView.mm:

(pdfAnnotationLinkClass): Look up the PDFAnnotationLink class from PDFKit as WebKit2 loads PDFKit lazily.
(pdfDocumentClass): Ditto.
(-[WKPrintingView _drawPDFDocument:page:atPoint:]): Switch to using the PDFKit equivalents of several types.
Iterate over the annotations present in the PDFPage, calling CGPDFContextSetURLForRect for each PDFAnnotationLink
that we find.
(-[WKPrintingView _drawPreview:]): Create an NSData to feed to PDFDocument.
(-[WKPrintingView drawRect:]): Ditto.

WebKit2Prefix.h: Add the usual workaround to make Objective-C exceptions compile when C++ exception handling is disabled.

The main issue was that an old optimization (see bug 4377) caused
visibility:hidden layers to not appear in the z-order lists, but those
layers could still become composited, but would remain detached. In addition,
composited layers which were visibility:hidden would become visible sometimes.

With this fix, the z-order lists always contain all layers when the page
is in compositing mode. GraphicsLayer is changed to ensure that visibility:hidden
layers show no content, and visible descendants of hidden layers work correctly.

(WebCore::GraphicsLayerCA::setContentsVisible): Override setContentsVisible.
(WebCore::GraphicsLayerCA::commitLayerChangesBeforeSublayers): Handle ContentsVisibilityChanged
flag
(WebCore::GraphicsLayerCA::updateSublayerList): Only parent the m_contentsLayer if the layer
has visible contents.
(WebCore::GraphicsLayerCA::updateContentsVisibility): For bits painted into the layer itself,
we hide it by clearing the backing store.

(WebCore::RenderLayer::updateZOrderLists): If we're in compositing mode, include all layers
in the z-order lists.
(WebCore::RenderLayer::collectLayers): New param to specify whether we need to collect all layers.

rendering/RenderLayer.h:

(WebCore::RenderLayer::hasVisibleDescendant): Add comment about the need for an assertion in hasVisibleContent()
, and assertion in hasVisibleDescendant().

rendering/RenderLayerBacking.cpp:

(WebCore::RenderLayerBacking::updateGraphicsLayerGeometry): Call setContentsVisible() on the GraphicsLayer.
(WebCore::RenderLayerBacking::isSimpleContainerCompositingLayer): We can use simple container layers in cases
where visibility:hidden causes layer content to not be drawn.
(WebCore::RenderLayerBacking::hasVisibleNonCompositingDescendants): Renamed from hasNonCompositingDescendants()
because it now also looks at visibility to decide when things are visible.

(WebCore::SVGAttributeToPropertyMap::addProperties):
(WebCore::SVGAttributeToPropertyMap::addProperty): use HashMap::add() to avoid an
extra hash lookup to set a new PropertiesVector.
(WebCore::SVGAttributeToPropertyMap::synchronizeProperties):

The pixel results generated by DumpRenderTree and WebKitTestRunner differed because
of color profile issues. Fix by keeping everything in device RGB and ensuring that the
test window uses the main display's color space, so that the pixel values in the bitmap
that gets checksummed are identical to the CSS colors.

Removed the code that switches the display profile in DRT, since that is no longer required.

UIProcess/API/mac/WKPrintingView.mm:
(-[WKPrintingView dealloc]): Dealloc in main thread, so that WebFrameProxy doesn't get
deref'ed from a secondary one.
(-[WKPrintingView _adjustPrintingMarginsForHeaderAndFooter]): This method calls out to client,
which only expects that on main thread.
(-[WKPrintingView knowsPageRange:]): Call _adjustPrintingMarginsForHeaderAndFooter on main
thread.

Added a DecayArray trait, that can convert T[] and T[3] -> T*. DecayArray
is composed of some helpers which are also exposed, Conditional<>, which
can provide one type or another based on a boolean predicate, IsArray<>
which can deduce array types, and RemoveExtent<>, which removes the extent
from an array type.

A couple of ASSERTs were failing due to a parsing problem when
advancing an inline iterator to the next linebreak in a
RenderCombineText. skipLeadingWhitespace advances the iterator
over leading whitespace but when searching for the line break
nextLineBreak would call RenderCombineText::combineText(),
collapsing the text so that the iterator is pointing past the
end of it.

This patch causes combineText() to be called during
skipLeadingWhiteSpace before iteration over the RenderCombineText
begins.

Replaced the bitmap version of the test with a "reftest" version. Use of text
has been revised a little to mitigate the possibility that small differences in
the platform's default font will change the location of line breaks.

(WebCore::RenderFlexibleBox::computePreferredMainAxisExtent): Always clear the override size since
it may be set when aligning.
(WebCore::RenderFlexibleBox::alignChildren): Only relayout if the height changed.

Add a new ScrollElasticityControllerClient::immediateScrollBy client member function.
Also, make ScrollAnimatorMac::smoothScrollWithEvent calls go through the ScrollElasticityController
in preparation for moving that function to ScrollElasticityController.

Test: storage/indexeddb/prefetch-bugfix-108071.html
Note: DumpRenderTree doesn't exercise the bug, it only occurs in
multi-process chromium. The layout test will soon be run as a
chromium ui test: ​http://codereview.chromium.org/9108004

storage/IDBCursorBackendImpl.cpp:

(WebCore::IDBCursorBackendImpl::IDBCursorBackendImpl):
(WebCore::IDBCursorBackendImpl::~IDBCursorBackendImpl): Destroy
cursors before their objectstores.
(WebCore::IDBCursorBackendImpl::prefetchReset): Don't run continue if
the cursor is closed.
(WebCore::IDBCursorBackendImpl::close): Set a closed flag.

The !important rules in fullscreenQuickTime.css are overriding the styles added by the
drag operation in MediaControlElements.cpp. Give the panel a "dragged" class in setPosition
(clearing it in resetPosition) that allows the !important rules to apply only when the
panel is not dragged.

We need to clear the style selector on doc type change as the doc type
may affect interpretation of the stylesheets. r104060 extended the life
of the style selector in some cases, exposing this problem.

Includepaths are sometimes modified by non-Qt contributors so keeping
them in files inside Sources makes it more likely that they are updated
along with project files for the other ports.

Using pri files instead of prf files for this also has the benefit that
the include() from the main target file can be parsed and followed by
Qt Creator -- something that does not work with load().

Dependency from a target to a library through the WEBKIT variable are
handled through forwarding-files in Tools/qmake/mkspecs/modules, which
set the source root of the module and include the right pri file.

Ideally we'd use the variant of include() that takes an optional
namespace to read the variables into, or the fromfile() function,
but both of these add an overhead of about 40% on the total qmake
runtime, due to making a deep copy of all the variables in the
project or re-reading all the prf files from scratch.

Add new pre-rendering code to pre-render the view area more efficiently.
At first find centered view position where backing store starts to queuing the render request from.
And append the request into the tiled backing store in spiral order.

A non-native editable text element is an element with an ARIA role of "textbox", which is
set on an element which behaves like an editable text element (such as a textarea, text
input field or contenteditable text), but whose behaviour is controlled by the author rather
than the browser.

This change makes certain methods on Node, and related methods in htmlediting and
visible_units, aware of the notion that an element may be editable only from the point of
view of assistive technology (via the ARIA textbox role), via the EditableType enum added to
EditingBoundary.h.

This is so that AccessibilityObject::lineForPosition() can use previousLinePosition(), and
AccessibilityRenderObject::indexForVisiblePosition() can use highestEditableRoot(), in a way
that respects non-native editability.

Test: accessibility/textbox-role-reports-line-number.html

accessibility/AXObjectCache.cpp:

(WebCore::AXObjectCache::rootAXEditableElement): Returns the root element which is
editable from the point of view of assistive technology, whether natively or otherwise.
(WebCore::AXObjectCache::nodeIsTextControl): Whether the given node is considered an
editable text element by assistive technology, natively or otherwise.

accessibility/AccessibilityObject.cpp:

(WebCore::AccessibilityObject::lineForPosition): Modified to request the previous line
position in an element which is editable to Accessibility.

accessibility/AccessibilityRenderObject.cpp:

(WebCore::AccessibilityRenderObject::indexForVisiblePosition): Modified to request the
highest root element which is editable to Accessibility.

dom/Node.cpp:

(WebCore::Node::rendererIsEditableToAccessibility): Whether this node is editable to
Accessibility for the given EditableLevel.
(WebCore::Node::rootEditableElement): Overloaded version of this method which takes an
EditableType enum value indicating whether non-native editability is to be respected.

dom/Node.h:

(WebCore::Node::rendererIsEditable): Overloaded version of this method which takes an
EditableType enum value indicating whether non-native editability is to be respected.
(WebCore::Node::rendererIsRichlyEditable): Overloaded version of this method which takes
an EditableType enum value indicating whether non-native editability is to be respected.

The regression was caused by isDomVersionConsistent not being able to obtain the tree version
inside isLengthCacheValid when m_cachedItem is null. Fix the regression by always setting
m_cachedItem to some node when caching the length so that we can obtain the tree version later.

Also address Antti's review comment to fit m_cachedLength, m_isLengthCacheValid, and
m_isItemCacheValid all in 32-bit.

This change extracted Node::setTreeScopeRecursively(),
setDocumentRecursively() and a part of setDocument() into a new
class called TreeScopeAdopter. By doing this, the idea of
moving a node from scope to scope, that was originally hidden
behind the forest of Node APIs, has become clearer.

Test: storage/indexeddb/prefetch-bugfix-108071.html
Note: DumpRenderTree doesn't exercise the bug, it only occurs in
multi-process chromium. The layout test will soon be run as a
chromium ui test: ​http://codereview.chromium.org/9108004

storage/IDBCursorBackendImpl.cpp:

(WebCore::IDBCursorBackendImpl::IDBCursorBackendImpl):
(WebCore::IDBCursorBackendImpl::~IDBCursorBackendImpl): Destroy
cursors before their objectstores.
(WebCore::IDBCursorBackendImpl::prefetchReset): Don't run continue if
the cursor is closed.
(WebCore::IDBCursorBackendImpl::close): Set a closed flag.

This internalizes the animation rate limiting logic to CCLayerTreeHost and removes the setters/getters for the
m_animating flag. This requires that all animation updates have to go through CCLayerTreeHost to get the right
rate limiting behavior, regardless of which proxy is being used.

Routes WebWidget-initiated animate() calls through the CCLayerTreeHost in composited mode. CCLayerTreeHost's
rate limiting logic needs to be aware of when requestAnimationFrame callbacks are run. In threaded mode, the
animate calls are driven from CCThreadProxy and so the CCLayerTreeHost can set whatever state it needs. This
makes the single-threaded mode where the animate calls are driven through the WebWidget interface outside of the
CCProxy's control.

This is a small step towards inverting the scheduling control from the WebWidget to the compositor.

Removed m_isDataComplete from class NativeImageSkia. Instead, data
completeness will be tracked through SkBitmap::setImmutable/
isImmutable. The immutable state signifies that the pixel data
will no longer change for the lifetime of the bitmap, which corresponds
to the semantic of the old m_isDataComplete member. setImmutable is
also called on the cached resized bitmap, since it too is invariant for
its life time. Temporary resized bitmaps are also marked as immutable
since they technically are.

(WebKit::WebViewImpl::resize): The assert was here to catch a view that
tried to do a resize after setting autoresize. However, we found that generic
code tries to do resizes as well. Rather than special case each caller,
we'll just make this code ignore the resize call.

NPRuntimeObjectMap::invalidate is called whenever a plug-in view is destroyed. If invalidate is called for an object map
whose plug-in has a null frame, we'd crash.

The plug-in will have a null frame if the plug-in view is destroyed because its containing frame has been removed from the document,
and if the plug-in view is being destroyed asynchronously due to the plug-in itself calling JavaScript that will remove the frame
(see PluginView::unprotectPluginFromDestruction).

The reason NPRuntimeObjectMap::invalidate will crash when the frame is null is because we were trying to access the frame's global
object, causing a null dereference. The reason we were trying to get at the frame's global object was to create a Strong handle to
a JSNPObject so we could stick the object in a vector so we could later iterate over the vector elements and call invalidate() on
each JSNPObject which will end up releasing the underlying NPObject.

However, it turns out that we don't need to stick the JSNPObject in a vector; we can just get the underlying NPObject directly and
stick that in a vector and then iterate over the NPObjects, releasing them.

WebProcess/Plugins/Netscape/NPRuntimeObjectMap.cpp:

(WebKit::NPRuntimeObjectMap::invalidate):

Tools:

Add an evaluate method to the plug-in test scriptable object that can be used to evaluate a given JS string.

Rather than generate getters for SerializedScriptValues, we eagerly
deserialize them into JavaScript objects. However, previously, we were
only doing that for DOM wrappers created by taking an existing C++
object and wrapping it. For objects created with Constructors (e.g.,
those with the [Constructor] attribute), we need to do this eager
deserialization during the constructor as well.

This bug isn't observable yet, but it is causing the WebIntent test
being added in Bug 73051 to fail.

This change consolidates much of the "factory method" logic
of determining which port objects to create for a given set
of configurations by merging the separate factory methods in
chromium_gpu and google_chrome into PortFactory so that at least
all of the logic is in one place.

Moved the hash calculation code into an out-of-line function to clean up
the hot path.

No measurable benchmark change, but this knocks some samples off in
Instruments, and I think this is a step toward removing -fomit-frame-pointer.

wtf/text/StringImpl.cpp:

(WTF::StringImpl::hashSlowCase):

wtf/text/StringImpl.h:

(WTF::StringImpl::hash): The patch.

wtf/text/StringStatics.cpp:

(WTF::StringImpl::hashSlowCase): Abide by the cockamamie Windows build
scheme, which requires all out-of-line StringImpl functions used by
WebCore be defined in this file instead of StringImpl.cpp. (See ​http://trac.webkit.org/changeset/59187.)

Lazily invalidate the node list caches instead of invaliding them at the time of modification. We use
the DOM tree version to detect whether caches need to be invalidated or not. We now invalidate caches more
frequently after this patch (in particular, invalidates caches that are stored on nodes not present in
the ancestry of the modified nodes); however, our study on major Web sites such as Gmail, Facebook, Twitter,
etc... indicate that about 1% of real-world usage benefits from keeping the caches alive across different
DOM tree versions.

In order to invalidate caches lazily, this patch adds replaces the type of m_caches in DynamicSubtreeNodeList
by DynamicSubtreeNodeList::SubtreeCaches which encapsulates member variables in DynamicNodeList::Caches and
invalidates values as needed. Also this change allows m_caches to be allocated as a part of
DynamicSubtreeNodeList instead of a separate ref-counted object.

Remove this quirk entirely. Mozilla and Opera don't implement it and IE
doesn't restrict the quirk to standards mode. As it's unlikely for
webkit-only content to hit this quirk (e.g. use tables for layout),
it should be relatively safe to match Mozilla/Opera here.

(WebKit::ChromeClient::attachRootGraphicsLayer): Use the new AccleratedCompositingContext now
instead of calling into the WebView.
(WebKit::ChromeClient::setNeedsOneShotDrawingSynchronization):Ditto.
(WebKit::ChromeClient::scheduleCompositingLayerSync): Ditto.

webkit/webkitwebview.cpp:

(webkit_web_view_size_allocate): Call in the ACContext.
(webkit_web_view_init): Initialize the ACContext.

Make classes QQuickUrlSchemeDelegate, QQuickNetworkRequest
and QQuickNetworkReply accessible from QML.

Reviewed by Kenneth Rohde Christiansen.

declarative/experimental/experimental.pri:

declarative/experimental/plugin.cpp:

declarative/public.pri:

Source/WebKit2:

Allow creation of custom UrlSchemeDelegates from QML.
A UrlSchemeDelegate contains a handler signal that is triggered
when a url matching the defined scheme is requested.
To allow for this a derivation of QNetworkAccessManager
is necessary.
The request is then handled in QML/JS and a reply
is sent back from the UIProcess to the WebProcess.

Teach NRWT to use run-safari to open results.html on Apple's Windows port

NRWT was trying to use User.open_url, which doesn't work on Cygwin. But run-safari is
better, since we always want to open results.html using the user's build of WebKit, not
whatever their default browser is.

Safari expects the first argument in the command-line to be the path to Safari.exe itself.
This is how things get set up when Safari is launched normally (e.g., by Explorer). Safari
thus ignores the first argument when looking for command-line arguments. WebKitLauncherWin
was not including the path to Safari.exe in the command-line, so Safari was ignoring the
first argument that WebKitLauncherWin was trying to pass to it.

Array object commonly store data in a vector, consisting of a portion that is
in use, a pre-capacity (m_indexBias) and a post-capacity (the delta between
m_length and m_vectorLength). Calls to shift with grow the pre-capacity, and
the current algorithm for increaseVectorLength (used by push, or Put?) will
never shrink the pre-capacity, so a push/shift fifo may consume an inordinate
amount of memory, whilst having a relatively small active length.

The associated test case creates a condition where a relative
positioned renderer is a descendant of an anonymous block for a
table column. The anonymous block is the containingBlock() for the
relpositioned renderer. Removal of a div causes the anonymous blocks to
be merged, and the renderer becomes a descendant of a different block.
Since the new containingBlock() has an empty positionedObject list,
the relpositioned renderer does not get layout after being dirtied.

This patch changes containingBlock() so that it returns the container
of an anonymous block for positioned objects, not the anonymous
block itself. It also adds an ASSERT to insertPositionedObject()
to flag any other cases where something is trying to create a
positioned object list on an anonymous block.

We do unnecessary KURL->NSURL* and String<->NSString* when calling [WebView
userAgentForURL:] from WebFrameLoaderClient::userAgent. Instead we add a separate function,
_userAgentString that returns a WTF::String to make this call faster.

Work around a bug in CoreGraphics, that caused incorrect bounds for paths
consisting only of move-to elements. This causes problems in SVG, when the enormous
bounds prevented the drawing of things behind.

Tests: svg/custom/path-moveto-only-rendering.svg

svg/custom/subpaths-moveto-only-rendering.svg

platform/graphics/cg/PathCG.cpp:

(WebCore::PathIsEmptyOrSingleMoveTester::PathIsEmptyOrSingleMoveTester): Class to
test for isEmpty accoridng ot the same rules as other platforms.
(WebCore::PathIsEmptyOrSingleMoveTester::isEmpty): Query the result
(WebCore::PathIsEmptyOrSingleMoveTester::testPathElement): Path iterator method
(WebCore::PathHasOnlyMoveToTester::PathHasOnlyMoveToTester): Class to test whether a
path contains only move-to elements, and hence should have null bounds.
(WebCore::PathHasOnlyMoveToTester::hasOnlyMoveTo): Query the result
(WebCore::PathHasOnlyMoveToTester::testPathElement): Path iterator method.
(WebCore::Path::boundingRect): Modified to check for move-to only paths
(WebCore::Path::fastBoundingRect): Modified to check for move-to only paths
(WebCore::Path::isEmpty): Now uses the method that matches other platforms.
(WebCore::Path::hasCurrentPoint): Now uses CGPathIsEmpty directly
(WebCore::Path::transform) : Now uses CGPathIsEmpty directly

LayoutTests:

Work around a bug in CoreGraphics, that caused incorrect bounds for paths
consisting only of move-to elements. This causes problems in SVG, when the enormous
bounds prevented the drawing of things behind.

In paintButton(), the local context is set up first, and later the context is
scaled if there's a zoomFactor. Skia creates the CoreGraphics context to draw the
button into without that scale factor. To fix this, another local context is added
after the parameter context scale, before the button draw. The first local context
is still required to restore the parameter context state.

Make the WebKit2 FrameNetworkingContext implementation store the
WebFrame instead of the WebCore::Frame as this is needed for the Qt
port to implement a.o. HTTP autentication and SSL support.

As the WebFrameNetworkingContext is partly shared across all WebKit2 ports,
all port specific files have been modified.

For the Qt implementation of FrameNetworkingContext, we also set a
property to the originatingObject for the page ID. We also switch to
using an OwnPtr instead of a raw C++ pointer for the
m_originatingObject member.

Replaces alloca to C++ new placement as it is not very portable.
It allows to skip checking of memory allocation as new never returns NULL.
According to Edje's documentation type of val (member of Edje_Message_Float_Set)
is double so I changed it to avoid undefined behaviour.

As ewk_view discards a queue for invalidation requests
as soon as it proceeds the repaint step, the newly produced invalidation requests
from ewk_view_layout_if_needed_recursive API can be discarded
and unpainted dirty area can occur.
As this issue is just caused by use of flush API in repaint step,
(internal API) ewk_view_repaints_get is replaced with ewk_view_repaints_pop
in order to make sure that old invalidation requests are removed from queue.
And in addition to that, ewk_view_repaint_add is modified
in order to let queue of invalidation requests keep a proper size.
As a result flush API won't be used for the repaint step.

This change consolidates much of the "factory method" logic
of determining which port objects to create for a given set
of configurations by merging the separate factory methods in
chromium_gpu and google_chrome into PortFactory so that at least
all of the logic is in one place.

(dllLauncherEntryPoint): This function is called by the stub launcher and just calls through
to main.

win/DLLLauncher/DLLLauncherMain.cpp:

(main):
(wWinMain):
Added support for launching console programs. When USE_CONSOLE_ENTRY_POINT is defined, the
stub launcher acts as a console program and calls a console version of
dllLauncherEntryPoint.

MiniBrowser/win/main.cpp: Moved the /manifestdependency code to DLLLauncherMain.cpp, since

it needs to be compiled into the .exe instead of the .dll.
(DllMain): Added. We use this to store the DLL's HINSTANCE.
(dllLauncherEntryPoint): Renamed from _tWinMain. This is what gets called by the
DLLLauncherMain code.

win/DLLLauncher/DLLLauncherMain.cpp: Moved the /manifestdependency code from MiniBrowser

Turn WinLauncher into a stub .exe launcher and a .dll that contains all the real code

This allows us to add the Apple Application Support directory to PATH before trying to load
WebKit so that CoreGraphics.dll and friends can be found. Eventually all our WebKit apps
should use this mechanism.

(DllMain): Added. Stores the DLL HINSTANCE in the global hInst variable. This used to be
done by the now-removed InitInstance function.
(dllLauncherEntryPoint): Renamed from _tWinMain. This is the function that our stub launcher
calls. Merged code from InitInstance into this function, and change to use the global hInst
variable, which corresponds to WinLauncher.dll, rather than the HINSTANCE passed into this
function, which corresponds to WinLauncher.exe.

WinLauncher/WinLauncher.vcproj:

WinLauncher/WinLauncherCommon.vsprops:

Changed to build WinLauncher.dll instead of WinLauncher.exe.

WinLauncher/WinLauncherLauncher.rc: Added.

WinLauncher/WinLauncherLauncherResource.h: Added.

This just references the WinLauncher.ico file to set the application icon (though it looks
like that's a default icon).

but changed to build WinLauncher.exe using the new DLLLauncherMain.cpp file.

WinLauncher/WinLauncherLauncherCommon.vsprops: Added.

WinLauncher/WinLauncherLauncherDebug.vsprops: Added.

WinLauncher/WinLauncherLauncherDebugAll.vsprops: Added.

WinLauncher/WinLauncherLauncherDebugCairoCFLite.vsprops: Added.

WinLauncher/WinLauncherLauncherProduction.vsprops: Added.

WinLauncher/WinLauncherLauncherRelease.vsprops: Added.

WinLauncher/WinLauncherLauncherReleaseCairoCFLite.vsprops: Added.

win/DLLLauncher/DLLLauncherMain.cpp: Added.

(enableTerminationOnHeapCorruption): Uses HeapSetInformation to tell Windows to kill the
program if it detects heap corruption.
(getStringValue): Helper function to read a string value from the registry.
(applePathFromRegistry): Helper function to read the InstallDir for a given Apple
application from the registry.
(appleApplicationSupportDirectory): Helper function to return the path to the Apple
Application Support directory.
(copyEnvironmentVariable): Helper function to copy an environment variable's value.
(prependPath): Helper function to prepend a directory to the PATH.
(fatalError): Helper function to display an error to the user.
(wWinMain): Add Apple Application Support to the PATH, then load our DLL and call its
dllLauncherEntryPoint function.

SelectorChecker::determineSelectorScopes currently searches to the end of the selector chain and
then sees if the last one is suitable to be a scope. A better algorithm will find a scope from
anywhere in the chain.

With this patch we search the whole chain for potential scopes. We now prefer id scopes
over class scopes. Scopes can be found for rules using sibling selectors too.

On both engadget.com and nytimes.com, we can now skip one more full style recalc due to
the improved stylesheet analysis.

Upstream the RenderTheme and ScrollbarTheme for Android. These are
mostly derived from their Linux variants.

RenderThemeChromiumAndroid inherits from RenderThemeChromiumLinux and
only overrides the three methods which have different behavior.
Scrollbars will be drawn in the threaded compositor for Android (which
will be upstreamed later), but for increased layout test parity we'll
match Chromium-Linux.

No new tests. This code will be exercised by existing layout tests, and
by manually verifying that theme parts render as expected.

A sequence of indirect adjencency combinator such as "li ~ li ~ la" could with the
former algorithm potentially do an quadratic number of element matches.
The recursive matching algorithm now detects cases where all siblings have
failed one indirect sibling match and fails the entire selector.

Test: perf/nested-combined-selectors.html

css/SelectorChecker.cpp:

(WebCore::SelectorChecker::checkSelector): Return SelectorFailsAllSiblings when
all siblings have failed a selector component.

Don't filter out @charset rules from CSSRuleLists. This was forcing us to clone
the stylesheet rule list, and is unnecessary since InspectorStyleSheet disregards
any rule that isn't either a style rule or a rule with an internal rule list.

(webkitWebViewLoadFail): Use webkit_web_view_replace_content().
(webkitWebViewLoadChanged): Do not emit load-changed signal when
replacing content.
(webkitWebViewLoadFailed): Do not emit load-failed signal when
replacing content.
(webkitWebViewSetEstimatedLoadProgress): Do not emit
notify::estimated-load-progress signal when replacing content.
(webkit_web_view_replace_content):

A new header ASCIIFastPath.h contains the functions related to
the detection of ASCII by using machine words. Part of it comes from
WebCore's TextCodecASCIIFastPath.h.

The function charactersAreAllASCII() is moved to TextCodecASCIIFastPath.h
and is implemented with computer word comparison.
The gain over the previous implementation of charactersAreAllASCII() is of
the order of how many comparison are avoided (4x, 8x, 16x depending on the
format and the CPU type).

Several of the WTF logging functions make multiple calls to vprintf_stderr_common to output a
single line of text. This results in strangely formatted output if vprintf_stderr_common is
retargeted to an output device that is message-oriented (such as ASL) rather than stream-oriented
like stderr.

Reviewed by Dan Bernstein.

wtf/Assertions.cpp:

(vprintf_stderr_with_prefix): Helper function to prepend a given prefix on to the given format
string before handing it off to vprintf_stderr_common. This requires disabling warnings about
calling a printf-like function with a non-literal format string for this piece of code. It's
safe in this particular case as vprintf_stderr_with_prefix is only ever given a literal prefix.
(vprintf_stderr_with_trailing_newline): Helper function to append a trailling newline on to the
given format string if one does not already exist. It requires the same treatment with regards
to the non-literal format string warning.
(WTFReportAssertionFailureWithMessage): Switch to using vprintf_stderr_with_prefix.
(WTFReportBacktrace): Switch from calling fprintf directly to using fprintf_stderr_common.
(WTFReportFatalError): Switch to using vprintf_stderr_with_prefix.
(WTFReportError): Ditto.
(WTFLog): Switch to using vprintf_stderr_with_trailing_newline.
(WTFLogVerbose): Ditto.

The Array object commonly store data in a vector, consisting of a portion that
is in use, a pre-capacity (m_indexBias) and a post-capacity (the delta between
m_length and m_vectorLength). Calls to pop with grow the post-capacity, and the
current algorithm for increasePrefixVectorLength (used by unshift) will never
stink the post-capacity, so a unshift/pop fifo may consume an inordinate amount
of memory, whilst having a relatively small active length.

runtime/JSArray.cpp:

(JSC::storageSize):

sizeof(JSValue) should be sizeof(WriteBarrier<Unknown>)

(JSC::SparseArrayValueMap::put):

sizeof(JSValue) should be sizeof(WriteBarrier<Unknown>)

(JSC::JSArray::increaseVectorLength):

sizeof(JSValue) should be sizeof(WriteBarrier<Unknown>)

(JSC::JSArray::unshiftCountSlowCase):

renamed from increaseVectorPrefixLength (this was a bad name, since it
also moved the ArrayStorage header), rewritten.

(JSC::JSArray::shiftCount):

sizeof(JSValue) should be sizeof(WriteBarrier<Unknown>), count should be unsigned

(JSC::JSArray::unshiftCount):

sizeof(JSValue) should be sizeof(WriteBarrier<Unknown>), count should be unsigned,
increaseVectorPrefixLength renamed to unshiftCountSlowCase

(JSC::JSArray::sortNumeric):

runtime/JSArray.h:

Updated function declarations, m_indexBias should be unsigned.

01/04/12:

Since JSC::Arguments has an OwnPtr for a member it needs to override destroy
to ensure that the correct destructor is invoked. This is necessary because
JSCell subclasses all intentionally have non-virtual destructors.

Source/WebKit2: Allow WebProcess to launch a client process and become its first WebProcess.

This is the WebKit2 part of fixing <​http://webkit.org/b/75444> Debugging WebProcess requires running a UI process first and waiting to attach

Reviewed by Anders Carlsson.

PluginProcess/mac/PluginProcessMainMac.mm:

(WebKit::PluginProcessMain): Added a newline to stderr output.

UIProcess/Launcher/mac/EnvironmentVariables.cpp:

(WebKit::EnvironmentVariables::preexistingProcessServiceNameKey): Added. Returns the name
of the environment variable that optionally tells a UI processs to look for a preexisting
web process instead of launching a new one.
(WebKit::EnvironmentVariables::preexistingProcessTypeKey): Added. Returns the name of the
environment variable that tells a UI process the type of the preexisting web process
indicated by the other variable.

UIProcess/Launcher/mac/EnvironmentVariables.h:

UIProcess/Launcher/mac/ProcessLauncherMac.mm:

(WebKit::ProcessLauncher::launchProcess): Changed to look for a preexisting web process if
the aforementioned environment variables are set and the preexisting process has not been
used yet.

WebProcess/mac/WebProcessMainMac.mm:

(WebKit::WebProcessMain): Changed to look for the -client-executable command-line option,
and if present, launch the specified executable, setting variables in its environment that
tell it to use this preexisting web process, then wait for it to send a send right to its
listening port.

Tools: Add a --target-web-process option to the debug-* scripts. When specified, the scripts will
start WebProcess under gdb and WebProcess will then run the client executable.

This is the Tools part of fixing <​http://webkit.org/b/75444> Debugging WebProcess requires running a UI process first and waiting to attach

Reviewed by Anders Carlsson.

Scripts/webkitdirs.pm:

(shouldTargetWebProcess): Added.
(determineShouldTargetWebProcess): Added. Checks for --target-web-process.
(execMacWebKitAppForDebugging): Changed to target gdb at WebProcess and pass the path to the
app using the -client-executable option if targeting the web process.

This code doesn't have lifetime issues, but this change is
about getting rid of AllowCrossThreadAccess and getting rid of a leakRef.
This allows the code to follow a more common pattern and be more easily
verified as being correct.

(WebKit::WorkerFileSystemContextObserver): Move the WorkerContextObserver
out of the WorkerFileSystemCallbacksBridge since an observer should be
destroyed on the WorkerContext thread. (Actually, it could be destroyed on either
thread if you are careful to make a certain method call on it while on the WorkerContext
thread but trying that is a more fragile pattern.)
(WebKit::WorkerFileSystemCallbacksBridge::WorkerFileSystemCallbacksBridge):
(WebKit::WorkerFileSystemCallbacksBridge::stop): Factor out the clean up and make it
clear what the mutex is guarding.
(WebKit::WorkerFileSystemCallbacksBridge::cleanUpAfterCallback): Delete
the observer. Due to where this is called from, it is always called on the WorkerContext thread.
(WebKit::WorkerFileSystemCallbacksBridge::runTaskOnWorkerThread): Replace some code with
the cleanUpAfterCallback call.
(WebKit::WorkerFileSystemCallbacksBridge::mayPostTaskToWorker):

src/WorkerFileSystemCallbacksBridge.h: In addition to some comment clean ups and code factoring,

Lazily invalidate the node list caches instead of invaliding them at the time of modification. We use
the DOM tree version to detect whether caches need to be invalidated or not. We now invalidate caches more
frequently after this patch (in particular, invalidates caches that are stored on nodes not present in
the ancestry of the modified nodes); however, our study on major Web sites such as Gmail, Facebook, Twitter,
etc... indicate that about 1% of real-world usage benefits from keeping the caches alive across different
DOM tree versions.

In order to invalidate caches lazily, this patch adds replaces the type of m_caches in DynamicSubtreeNodeList
by DynamicSubtreeNodeList::SubtreeCaches which encapsulates member variables in DynamicNodeList::Caches and
invalidates values as needed. Also this change allows m_caches to be allocated as a part of
DynamicSubtreeNodeList instead of a separate ref-counted object.

The bug was caused by the background color of the wrapping style overriding the background color
in a matched rule of a highest element to be serialized. Fixed the bug by removing the conflicting
background color prior to the merge.

It is a relatively common pattern to use inline stylesheets in document body where all rules are scoped using descendant selector

<style>
#foo {...}
#foo div {...}
#foo .bar {...}
</style>

When this pattern is used it is also common that the rules only apply to elements that come after the style element.

When the set of active stylesheets changes we invalidate and recompute the entire document style. This is very expensive. We can
detect the case above and avoid the style recalc.

On engadget.com, this patch cuts the time spent in style recalcs to roughly half. There are further savings from reduced
relayouts. In total the engine CPU time used over the page load is reduced by ~10%.

Find if all rules on a stylesheetare scoped to some set of ids and classes.

(WebCore::CSSStyleSelector::styleForDocument):

Add optional font selector argument. We updated the correct base style font on style selector construction but that is no longer sufficient
as font selector may be updated without reconstructing the style selector.

(WebCore::RuleSet::addRulesFromSheet):

Invalidate the matched declaration cache in case of new font-face rules.

css/CSSStyleSelector.h:

css/SelectorChecker.cpp:

(WebCore::SelectorChecker::determineSelectorScopes):

Find if all rules on a selector list are scoped to some set of ids and classes.

css/SelectorChecker.h:

dom/Document.cpp:

(WebCore::Document::Document):
(WebCore::Document::recalcStyle):

Pass the font selector, if exists, to styleForDocument so we always have the base font up to date.

UIProcess/WebPageProxy.cpp:
(WebKit::WebPageProxy::headerHeight):
(WebKit::WebPageProxy::footerHeight):
(WebKit::WebPageProxy::drawHeader):
(WebKit::WebPageProxy::drawFooter):
Do not ask the client about headers and footers when printing a PDF.

The texture copy fails on Windows as glCopyTexImage2D() doesn't
support BGRA source textures.
This change also modifies Canvas2DLayerChromium::updateCompositorResources
to call glCopyTexSubImage2D() instead of glCopyTexImage2D() so that
the copy can work with texture allocated via the glTexStorage2D
extension.

We were keeping the correct static link order between the intermediate
WebKit libraries, but not the internal dependencies for each of those
libraries. The load() will in some instances mess with LIBS, so we need
to ensure that the dependent libraries are added after the library we
are linking against.

./idl_files.tmp' command to 'printf "foo\nbar\nbaz\n" > ./idl_files.tmp'. We use the
patsubst function to append "\n" to each IDL filename, then use the subst function to remove
the spaces between the filenames.

The custom qmake variable 'WEBKIT' is used for signaling that a
target depends in some way on other subproject of the WebKit
project. For now this is limited to the set of intermediate
libraries: wtf, javascriptcore, webcore, and webkit2.

This replaces the previous convension of using load(foo) for
just include paths, and CONFIG += foo to also link against foo.

Adding a dependency results in additional include paths being
available, and potentially linking to the library. This is
decided by the build system based on conditions such as what
kind of target is being built and the general build config.

An advantage to his approach is that it simplifies the individual
foo.prf files, for example by allowing us to use INCLUDEPATH +=
and LIBS += as normal instead of prepending.

TestShellLinux.cpp can be re-used for the test-shell on the WebKit
Chromium port for Android. Most custom inclusions for the DumpRenderTree
target are done in Tools/DumpRenderTree.gypi, but since *Linux.cpp files
are being excluded by a global rule on sources it has to be later in
the project generation process.

The current implementation uses the scale property of the QQuickWebPage
to scale the page in response to pinch gestures.
However for layout and anchoring to work correctly in QML, pinching needs
to change the page size.
This patch applies the pinch scale to the page size and to the transformation
matrix of the drawing area.
Thus the page item's coordinate system is no longer a direct representation
of the WebCore::Page coordinate system and it is no longer suitable as
an inertial frame of reference for input events. The event propagation had
to be moved to the QQuickWebView and the positions translated to content
coordinates when NativeWebEvents are created.

Use unsigned instead of int.
No need to clone the range as we don't modify it.
Support selections which include a composition.
If we are not in editable content make sure to use the document element
as the scope for calculating the positions and lengths.
Remove compositionStart/Length as there cannot be a selection and
composition at the same time.

Only tested manually as we don't have everything in place yet
to properly test this.

For now there are cairo related code scattered around the ewk_tiled_backing_store.
From the point of code complexity view, it doesn't look good and I couldn't notice any benefit of it.
So, this patch will let cairo related code be used only for painting operation.

Source/cmakeconfig.h.cmake: Modified to add a new cmakedefine ENABLE_DOWNLOAD_ATTRIBUTE.

Tools:

Add ENABLE_DOWNLOAD_ATTRIBUTE webkit feature into the build script so that
it could initiate download directly if it has the download attribute in the link
and doesn't need to open new blank page for the target="_blank". Enabling this
feature in the BlackBerry porting also prepares for later blob feature implementation.

Scripts/build-webkit: Modified to handle ENABLE_DOWNLOAD_ATTRIBUTE. Make it default on

(webkitWebViewBaseNotifyResizerSizeForWindow): Get the size of the
main window resize grip and send it to the page proxy if it
overlaps with the view.
(toplevelWindowResizeGripVisibilityChanged): Call
webkitWebViewBaseNotifyResizerSizeForWindow().
(webkitWebViewBaseRealize): Get the toplevel window and connect to
notify::resize-grip-visible signal.
(webkitWebViewBaseSizeAllocate): Call
webkitWebViewBaseNotifyResizerSizeForWindow().

Removed the offending assertion, since it was wrong. Also hardened the code to make
this case less likely by first having the propagator fixpoint converge, and then doing
double voting combined with a second fixpoint. This is neutral on benchmarks and
fixes the assertion in a fairly low-risk way (i.e. we won't vote a variable double
until we've converged to the conclusion that it really is double).

dfg/DFGPropagator.cpp:

(JSC::DFG::Propagator::propagatePredictions):

dfg/DFGVariableAccessData.h:

(JSC::DFG::VariableAccessData::tallyVotesForShouldUseDoubleFormat):

LayoutTests:

Reviewed by Andy Estes.

Created a fuzzer that produces sufficiently awkward data flow that includes variables
that become either double, or integer, or mix of double and integer only after multiple
iterations of a fixpoint. This crashes the compiler prior to this patch, but works with
this patch.

We used to return a value to avoid some refchurn, but now that we're
using tasks, we always need to take that reference. Removing the
return value lets us remove the template parameter, which is a boon.
This patch has no impact on the html-parser.html benchmark.

To support cross-process postMessage calls in Chromium (bug 73337), we need to intercept
postMessage calls to proxy windows. Originally we were just going to add a native event
listener on the Chromium side, but that required more changes to WebKit and was a bit of
a hack. See bug 73359 for a discuss about moving to this approach.

The underly issue with causing the crash is that we're re-entering the
tree builder. We've done a bunch of point fixes around tree builder
re-entrancy, but neither the implementation nor the specification are
really designed to handle re-entrancy.

Firefox avoids this problem by putting the parser on its own thread. I
don't think we're quite ready to do that yet (although we will
eventually, presumably, as computers become ever more parallel). The
approach in this patch is to queue up the DOM mutations and actually
perform them on a shallower stack. That's essentially the approach
we've used for executing <scripts>.

This patch queues up DOM modifications and executes them from a clean
call stack, stopping us from re-entering the tree builder. We might
need to experiment with exactly where to kick off the queue, but this
location seems reasonable and fixes the crash.

Test: fast/parser/re-enter-and-crash.html

html/parser/HTMLConstructionSite.cpp:

(WebCore::executeTask):

Add a helper function for actually executing a queue DOM
mutation.

(WebCore::HTMLConstructionSite::attach):

Instead of actually attaching the element to the DOM, this
function now queues the element for attachment. In a follow-up
patch, I plan to change this function to return void (and I'll
probably rename it to something that makes it clear that it only
queues the attachment).

Setting the compatmode from the Doctype requires the doctype to
actually be in the DOM, so we need to execute our queued tasks
synchronously. We can likely improve this function by passing
the Doctype element explicitly in a follow-up patch.

Add a task object that holds on to the relevant elements. We
define some vector traits for this object to match the traits on
RefPtr (which make Vector operations faster by explaining that
this type is moveable without having to churn reference counts).

html/parser/HTMLElementStack.cpp:

(WebCore::HTMLElementStack::pushCommon):

We delay the "begin parsing" call until we actually attach the
element to the DOM. That splits the responsibility for calling
begin/finished, which is less than ideal, but I didn't see
another solution.

The reason these tags weren't colorized correctly was because the
characters for the end tags where consumed by the tokenizer at the same
time as it consumed the text of the script tag. These characters are
buffered internally by the tokenizer because the tokenizer is searching
for "an appropriate end tag", which is "</script>" in this case.

I tried a number of different approaches to fixing this bug. The
approach in this patch adds an accessor to the tokenizer to read out
the buffered characters. This approach makes it easier for the
HTMLSourceTracker to get exactly the right value for these buffered
characters without having to do a complicated simulation of the
buffering itself.

Tests: fast/frames/viewsource-plain-text-tags.html:

html/parser/HTMLViewSourceParser.cpp:

(WebCore::HTMLViewSourceParser::pumpTokenizer):

html/parser/HTMLDocumentParser.cpp:

(WebCore::HTMLDocumentParser::pumpTokenizer):

Give the HTMLSourceTracker a pointer to the tokenizer so it can ask
for the buffered characters.

html/parser/HTMLSourceTracker.cpp:

(WebCore::HTMLSourceTracker::start):

The idea here is to treat characters buffered internally by the
tokenizer the same way we treat characters that were contained in a
previous segment of source. We copy them into our accumulation
buffer and adjust the token base offset to account for the extra
characters.

(WebCore::HTMLSourceTracker::end):

Don't consier the character buffered by the tokenizer to be part of
the token we've just finished.

(WebCore::HTMLSourceTracker::sourceForToken):

Remove the assumption that all of the m_previousSource is contained
in the source for the current token. Because we now understand
that the tokenizer can buffer some characters internally, we might
not exhaust the m_previousSource.

html/parser/HTMLSourceTracker.h:

Rename m_sourceFromPreviousSegments to m_previousSource and changed
to a SegementedString to avoid extra mallocs we keep appending tiny
segments.

Rename m_source to m_currentSource to contrast nicely with
m_previousSource.

Previously, we cleared the temporary buffer lazily when we needed
to add new characters to it. Now we clear it eagerly so that it's
length tells us whether we're currently using it to store
characters.

Previously, we weren't storing the character that we used to
terminate the appropriate end tag (e.g., the > in </script>)
because we didn't need to "unbuffer" that character into the
HTMLToken::appendToCharacter. Now, we do store that character in
the temporary buffer so that the HTMLSourceTracker can see that
character.

(WebCore::HTMLTokenizer::bufferedCharacters):

html/parser/HTMLTokenizer.h:

(WebCore::HTMLTokenizer::numberOfBufferedCharacters):

Add accessor methods to copy out the buffered characters.

Also, unrelated to the rest of this patch, I made the constructor
for HTMLTokenizer explicit because it takes only a single
paramater, per the style guide.

platform/text/SegmentedString.cpp:

(WebCore::SegmentedString::clear):

SegmentedString::clear wasn't clearing all of its state. I don't
think this issue was actually observable, but I noticed it when
working on this patch, so I fixed it.

Provide a "getHighlight" method alongside "drawHighlight" that
gets most of the important node highlighting information. This
can be used by a port to do its own node highlighting or provide
extra content without interfering with the highlight rects.

The CSS visibility property was not being properly obeyed by many
specialized layer types in the accelerated compositor. The root of
the problem was that drawsContent and contentsVisible flags were
not properly propagated into the compositor. This patch removes
the drawsContent() callback, and instead makes sure that
drawsContent and contentsVisible are "pushed" through the
accelerated compositor.

The bug was caused by the code that generated text out of pre-rendered text was generating div's inside the fragment
pasted into textarea even though serialization algorithm in textarea doesn't handle block elements.

Fixed the bug by special-casing this in createFragmentFromText. In the long run, we should really get rid of this
whole pre-rendering trick.

Long ago, before scrollbars became their own layers, tiled layers had
a distinction between content space (what's mostly called layer space
elsewhere) and layer space (the transformed content space). It seemed
like this transform could get reused for supporting RTL pages, but as
that's not the case, it should be eradicated.

Tiled layers now deal with everything in "layer space", which is a 2d
rectangle starting at (0, 0) in the top left of the layer and
extending to contentBounds() in the bottom right.

As no code actually set the tiler position, this change should be a
no-op.

Fixed rounding discrepancies between clientWidth, scrollWidth and foregroundClipWidth by using representing all by app units internally and rounding using pixelSnapped at use (as opposed to compute) time.

As the noncomposited content host layer is created and managed by the
Chromium compositor, adjust its transform appropriately in the layer
tree and at paint time to handle the offset required due to the
initial containing block of RTL pages.

This rewrite only significantly changes behaviour for sparse array, specifically
in how sparse arrays are reified back to vector form. This does not affect arrays
with less than 10000 entries (since these always use a vector). The more common
cases of sparse array behavior (though large sparse arrays are rare) - arrays that
always remain sparse, and arrays that are filled in reverse sequential order -
should be just as fast or faster (since reification is simpler & no longer
requires map lookups) after these changes.

Simplifying this code allows all cases of putByIndex that need to grow the vector
to do so via increaseVectorLength, which means that this method can encapsulate
the policy of determining how the vector should be grown.

No performance impact.

runtime/JSArray.cpp:

(JSC::isDenseEnoughForVector):

any array of length <= MIN_SPARSE_ARRAY_INDEX is dense enough for a vector.

Add the initial implementation of analyze-changelog command. This version supports parsing multiple changelogs
in a single directory and summarizes the result in json files. It also copies summary.html to the output directory
for visualizing json files.

Usage: webkit-patch analyze-changelog [--changelog-count N] <CHANGELOG_DIR> <OUTPUT_DIR>
where CHANGELOG_DIR is the directory to look for changelogs, OUTPUT_DIR is the directory into which the tool
generates json files, and N is the number of changelogs to parse.

Scripts/webkitpy/common/config/contributionareas.py: Added names().

Scripts/webkitpy/common/system/filesystem_mock.py: Added readline and iterator support to ReadableTextFileObject.

Per section 13.2.3 of the spec.
We could change setAccessorDescriptor to be able to share the global
GetterSetter object, rather than storing the accessor functions and
creating a new GetterSetter in defineProperty - but this won't be a
small change to PropertyDescriptors (and would probably mean making
GetterSetter objects immutable?) - so I'll leave that for another
patch.

(WebCore::BaseDateAndTimeInputType::sanitizeValue): check if the
incoming string is valid. If not just return the empty string.

LayoutTests:

Update ValidityState typeMismatch tests for date types, since
setting an invalid value now sanitized to the empty string.
So, what used to be an invalid value with a typeMismatch is
now a valid empty string and there is never a typeMismatch.

for rangeOverflow / rangeUnderflow tests update the
test to point out when a value was sanitized.

for typeMismatch tests, typeMismatch can no longer
happen for sanitized values. Change the test to output
if the value was sanitized or not and ensure that
we are never in a typeMismatch state. Disabled inputs
are also sanitized when their value changes.

(WebCore::backgroundClipRectForPosition): Changed RenderObject::isPositioned() to
a check for AbsolutePosition for consistency but also as this is equivalent due to:

the previous check for FixedPosition.

RenderView, which is positioned, will never goes to this code as it has no parent().

(WebCore::RenderLayer::backgroundClipRect): Removed the parent() check. While at
it, also moved the inline initialization of |backgroundClipRect| to its own function
and removed a |view| check as the associated ASSERT seems to never have been reached.

Make Port subclasses override the operating_system method rather than setting an attribute

Without this patch, any use of Port.operating_system() within a port's init method would
return the default value ("mac"). This was confusing the version-checking logic inside
ApplePort.init on Windows.

(Port.init): Removed code that set the self._operating_system attribute. Subclasses
should now override the operating_system method instead.
(Port.operating_system): Changed to always return "mac". Subclasses should override to
return something else.

Scripts/webkitpy/layout_tests/port/chromium_linux.py:

(ChromiumLinuxPort.init):
(ChromiumLinuxPort.operating_system):

Scripts/webkitpy/layout_tests/port/chromium_mac.py:

(ChromiumMacPort.init):
(ChromiumMacPort.operating_system):

Scripts/webkitpy/layout_tests/port/chromium_win.py:

(ChromiumWinPort.init):
(ChromiumWinPort.operating_system):

Scripts/webkitpy/layout_tests/port/mac.py:

(MacPort.init):
(MacPort.operating_system):

Scripts/webkitpy/layout_tests/port/win.py:

(WinPort.init):
(WinPort.operating_system):
Changed to override the operating_system method rather than setting the _operating_system
attribute, since setting the attribute isn't sufficient for code inside init methods.

Scripts/webkitpy/layout_tests/port/qt.py:

(QtPort.init):
(QtPort._path_to_webcore_library):
Changed to use self.operating_system() instead of self._operating_system, for consistency
with other Port-related code.

(QtPort.operating_system): Added this override of Port.operating_system that returns the
value we determined in our init method.

Scripts/webkitpy/layout_tests/port/test.py:

(TestPort.operating_system): Added this override of Port.operating_system that returns the
value we determined in our init method.

Scripts/webkitpy/layout_tests/port/base_unittest.py:

(PortTest.test_operating_system):

Scripts/webkitpy/layout_tests/port/chromium_linux_unittest.py:

(ChromiumLinuxPortTest.test_operating_system):

Scripts/webkitpy/layout_tests/port/chromium_mac_unittest.py:

(ChromiumMacPortTest.test_operating_system):

Scripts/webkitpy/layout_tests/port/chromium_win_unittest.py:

(ChromiumWinPortTest.test_operating_system):

Scripts/webkitpy/layout_tests/port/mac_unittest.py:

(MacPortTest.test_operating_system):

Scripts/webkitpy/layout_tests/port/qt_unittest.py:

(QtPortTest.test_operating_system):

Scripts/webkitpy/layout_tests/port/win_unittest.py:

(WinPortTest.test_operating_system):
Test that all ports return the expected operating system string.

No new tests. Testing GTK+ theming is quite difficult
because no two distributions have the same set of themes.
Current tests prevent regressions.

platform/gtk/RenderThemeGtk3.cpp:

(WebCore::applySliderStyleContextClasses): Added this helper that
properly handles the orientable style class.
(WebCore::RenderThemeGtk::paintSliderTrack): Use the new helper.
(WebCore::RenderThemeGtk::paintSliderThumb): Ditto.

TiledLayerChromium has some awkward code to handle lazily creating the
tiler, including lots of null checks and shadowing the tile size.
Instead, always create the tiler up front. As values change that
invalidate all tiles, reset it rather than clear the pointer.

(webkitWebViewLoadFail): Default implementation of
WebKitWebView::load-failed signal to show a custom error page.
(webkit_web_view_class_init): Add load-changed and load-failed
signals.
(webkitWebViewLoadChanged): Emit WebKitWebView::load-changed with
the given event.
(webkitWebViewLoadFailed): Emit WebKitWebView::load-failed signal
with the given event, failing uri and error.

We decide in features.prf whether or not fontconfig is available, and
set the HAVE_FONTCONFIG define accordingly. All leaf project files
should use this define to decide whether or not to link against
fontconfig, not do their own detection.

We don't need to add link_pkgconfig to CONFIG in each project file,
as we selectivly enable that configuration in defaults_post when
needed.

After r97555, we would include the borders in a CSS table's logical width even if the 'width'
property was a percent. This does not match what Firefox and IE are doing. Thus don't apply
this behavior to percent 'width'.

rendering/RenderTable.cpp:

(WebCore::RenderTable::computeLogicalWidth):

LayoutTests:

Several tests to check that we don't overflow our containing block with width: 100%.

(filenameToURL): We can use NULL in C.
(isValidParameterType): Utility function to filter GParamTypes
that can be edited.
(getOptionEntriesFromWebKitWebSettings): Avoid handling
construct-only properties and use the isValidParameterType
function. Makes the code a bit cleaner.